torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

pki: add new vault root ca to pki

Browse Source
This commit is contained in:
Torjus Håkestad
2026-02-03 04:56:22 +01:00
parent 048536ba70
commit 225943c8a5
4 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
system/default.nix
View File

@@ -7,7 +7,7 @@
./packages.nix ./packages.nix
./nix.nix ./nix.nix
./root-user.nix ./root-user.nix
./root-ca.nix ./pki/root-ca.nix
./sops.nix ./sops.nix
./sshd.nix ./sshd.nix
./vault-secrets.nix ./vault-secrets.nix

0
system/root-ca.crt → system/pki/root-ca.crt
View File

1
system/root-ca.nix → system/pki/root-ca.nix
View File

@@ -4,6 +4,7 @@
certificateFiles = [ certificateFiles = [
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
./root-ca.crt ./root-ca.crt
./root-ca-vault.crt
]; ];
}; };
} }

14
system/pki/vault-root-ca.crt Normal file
View File

@@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICIjCCAaigAwIBAgIUQ/Bd/4kNvkPjQjgGLUMynIVzGeAwCgYIKoZIzj0EAwMw
QDELMAkGA1UEBhMCTk8xEDAOBgNVBAoTB0hvbWVsYWIxHzAdBgNVBAMTFmhvbWUu
MnJqdXMubmV0IFJvb3QgQ0EwHhcNMjYwMjAxMjIxODA5WhcNMzYwMTMwMjIxODM5
WjBAMQswCQYDVQQGEwJOTzEQMA4GA1UEChMHSG9tZWxhYjEfMB0GA1UEAxMWaG9t
ZS4ycmp1cy5uZXQgUm9vdCBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABH8xhIOl
Nd1Yb1OFhgIJQZM+OkwoFenOQiKfuQ4oPMxaF+fnXdKc77qPDVRjeDy61oGS38X3
CjPOZAzS9kjo7FmVbzdqlYK7ut/OylF+8MJkCT8mFO1xvuzIXhufnyAD4aNjMGEw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEimBeAg
3JVeF4BqdC9hMZ8MYKw2MB8GA1UdIwQYMBaAFEimBeAg3JVeF4BqdC9hMZ8MYKw2
MAoGCCqGSM49BAMDA2gAMGUCMQCvhRElHBra/XyT93SKcG6ZzIG+K+DH3J5jm6Xr
zaGj2VtdhBRVmEKaUcjU7htgSxcCMA9qHKYFcUH72W7By763M6sy8OOiGQNDSERY
VgnNv9rLCvCef1C8G2bYh/sKGZTPGQ==
-----END CERTIFICATE-----